media/libmedia/IOMX.cpp in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-04-01 does not initialize a parameter data structure, which allows malicious users to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android 4.4.3 |
||
google android 4.4.2 |
||
google android 4.1.2 |
||
google android 4.1 |
||
google android 6.0.1 |
||
google android 6.0 |
||
google android 4.4.1 |
||
google android 4.4 |
||
google android 4.0.4 |
||
google android 4.0.3 |
||
google android 5.0.1 |
||
google android 5.0 |
||
google android 4.2.2 |
||
google android 4.2.1 |
||
google android 4.2 |
||
google android 4.0 |
||
google android 5.1.0 |
||
google android 5.1 |
||
google android 4.3.1 |
||
google android 4.3 |
||
google android 4.0.2 |
||
google android 4.0.1 |